7th Annual IEEE Information Assurance Workshop

 21-23 June 2006

 "The West Point Workshop"

 United States Military Academy, West Point, New York

Chair:  LTC Ronald Dodge, Ronald.Dodge@usma.edu

http://www.itoc.usma.edu/workshop/2006

   


Towards High Level Attack Scenario Graph through Honeynet Data Correlation Analysis

Jianwei Zhuge, Xinhui Han, Zhiyuan Ye and Wei Zou

The 7th IEEE Information Assurance Workshop (IAWorkshop 2006)
West Point, New York, USA, June 21-23, 2006


Abstract

Honeynet data analysis has become a core requirement of honeynet technology. However, current honeynet data analysis mechanisms do not give security analysts enough capability to comprehend the captured data quickly; in particular, there is no work on behavior-level correlation analysis of honeynet data. Towards providing high-level attack scenario graphs, in this paper we propose a honeynet data correlation analysis model and method. Based on a network attack and defense knowledge base and a network environment apperception mechanism, our proposed honeynet data correlation analysis method can recognize the attacker's plan from a large volume of captured data and reconstruct the attack scenario. Two proof-of-concept experiments, on the Scan of the Month 27 dataset and on in-the-wild botnet scenarios, are presented to show the effectiveness of our proposed honeynet data correlation analysis method.


  

 

   
         
The IEEE Information Assurance Workshop is sponsored by the IEEE Systems Man and Cybernetics Society, supported by the National Security Agency, and hosted by the Information Technology Operations Center, Department of Electrical Engineering and Computer Science, at the United States Military Academy, West Point, New York.